← Back to search network filesystem shell env_vars
io.github.firebase/firebase-mcp
Gives AI development tools Firebase-specific capabilities and expertise.
? Not scanned yet
Versions
0.3.0 latest May 19, 2026
15.18.0 May 13, 2026
15.17.0 May 7, 2026
15.16.0 Apr 29, 2026
15.15.0 Apr 16, 2026
15.14.0 Apr 9, 2026
15.13.0 Apr 2, 2026
15.12.0 Mar 27, 2026
15.11.0 Mar 18, 2026
15.10.1 Mar 16, 2026
15.10.0 Mar 12, 2026
15.9.1 Mar 9, 2026
15.9.0 Mar 9, 2026
15.8.0 Feb 25, 2026
15.7.0 Feb 20, 2026
15.6.0 Feb 12, 2026
15.5.1 Jan 30, 2026
15.5.0 Jan 29, 2026
15.4.0 Jan 22, 2026
15.3.1 Jan 15, 2026
15.3.0 Jan 15, 2026
15.2.1 Jan 8, 2026
15.2.0 Jan 8, 2026
15.1.0 Dec 18, 2025
15.0.0 Dec 10, 2025
14.27.0 Dec 4, 2025
14.26.0 Nov 21, 2025
14.25.1 Nov 19, 2025
14.25.0 Nov 13, 2025
14.24.2 Nov 10, 2025
14.24.1 Nov 7, 2025
14.24.0 Nov 5, 2025
14.23.0 Oct 30, 2025
14.22.0 Oct 23, 2025
14.21.0 Oct 22, 2025
14.20.0 Oct 15, 2025
14.19.1 Oct 8, 2025
14.19.0 Oct 7, 2025
14.18.0 Oct 2, 2025
14.17.0 Sep 17, 2025
14.16.0 Sep 10, 2025
14.15.2 Sep 3, 2025
14.15.1 Aug 28, 2025
14.15.0 Aug 27, 2025
14.14.0 Aug 21, 2025
14.13.0 Aug 21, 2025
14.12.1 Aug 15, 2025
14.12.0 Aug 6, 2025
14.11.2 Jul 30, 2025
14.11.1 Jul 22, 2025
14.11.0 Jul 17, 2025
14.10.1 Jul 10, 2025
14.10.0 Jul 10, 2025
14.9.0 Jun 26, 2025
14.8.0 Jun 20, 2025
14.7.0 Jun 12, 2025
14.6.0 Jun 4, 2025
14.5.1 May 30, 2025
14.5.0 May 29, 2025
14.4.0 May 16, 2025
14.3.1 May 9, 2025
14.3.0 May 7, 2025
14.2.2 Apr 30, 2025
14.2.1 Apr 23, 2025
14.2.0 Apr 16, 2025
14.1.0 Apr 2, 2025
14.0.1 Mar 28, 2025
14.0.0 Mar 27, 2025
13.35.1 Mar 21, 2025
13.35.0 Mar 20, 2025
13.34.0 Mar 11, 2025
13.33.0 Mar 6, 2025
13.32.0 Feb 27, 2025
13.31.2 Feb 19, 2025
13.31.1 Feb 13, 2025
13.31.0 Feb 12, 2025
13.30.0 Feb 4, 2025
13.29.3 Jan 30, 2025
13.29.2 Jan 22, 2025
13.29.1 Dec 13, 2024
13.29.0 Dec 12, 2024
13.28.0 Dec 4, 2024
13.27.0 Nov 21, 2024
13.26.0 Nov 19, 2024
13.25.0 Nov 12, 2024
13.24.2 Nov 7, 2024
13.24.1 Nov 5, 2024
13.24.0 Nov 4, 2024
13.23.1 Oct 30, 2024
13.23.0 Oct 22, 2024
13.22.1 Oct 16, 2024
13.22.0 Oct 8, 2024
13.21.0 Oct 8, 2024
13.20.2 Sep 30, 2024
13.20.1 Sep 27, 2024
13.20.0 Sep 26, 2024
13.19.0 Sep 23, 2024
13.18.0 Sep 19, 2024
13.17.0 Sep 11, 2024
13.16.0 Aug 27, 2024
13.15.4 Aug 21, 2024
Tools 0
No tools indexed yet.
Permissions 4
network medium filesystem low shell high env_vars low Scan Findings 139
info
package.json metadata
info
Transport: streamable-http
info
Required env vars (112)
medium
Permission: network access detected
low
Permission: filesystem access detected
high
Permission: shell access detected
low
Permission: env_vars access detected
medium
Excessive dependency count: 159 direct dependencies
medium
Suspicious package name: react-dom
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.24.0 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.24.0 (GHSA-8r9q-7v3j-jr4g)
medium
Vulnerable dependency: ajv@8.17.1 (GHSA-2g4f-4pwh-qvx6)
medium
Vulnerable dependency: body-parser@1.19.0 (GHSA-qwcr-r2fm-qrc7)
medium
Vulnerable dependency: express@4.16.4 (GHSA-qw6h-vgh9-j6wx)
medium
Vulnerable dependency: express@4.16.4 (GHSA-rv95-896h-c2vc)
medium
Vulnerable dependency: form-data@4.0.1 (GHSA-fjxv-7rqg-78g4)
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-23c5-xmqv-rm74)
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-3ppc-4f35-3m26)
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-7r86-cg39-jmmj)
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-f8q6-p94x-37v3)
medium
Vulnerable dependency: pglite-2@npm:@electric-sql/pglite@0.2.17 (MAL-2025-42056)
medium
Vulnerable dependency: tmp@0.2.3 (GHSA-52f5-9888-hmc6)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-49w6-73cw-chjr)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-5ff5-9fcw-vg88)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-c4pw-33h3-35xw)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-fvmw-cj7j-j39q)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-ggxq-hp9w-j794)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-j687-52p2-xcff)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-whqg-ppgf-wp8c)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-wrwg-2hg8-v723)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-x3h8-62x9-952g)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-xf8x-j4p2-f749)
medium
Vulnerable dependency: astro@2.2.3 (GHSA-xr5h-phrj-8vxv)
medium
Vulnerable dependency: firebase@9.16.0 (GHSA-3wf4-68gx-mph8)
medium
Vulnerable dependency: next@14.1.0 (GHSA-36qx-fr4f-26g5)
medium
Vulnerable dependency: next@14.1.0 (GHSA-3g8h-86w9-wvmq)
medium
Vulnerable dependency: next@14.1.0 (GHSA-3h52-269p-cp9r)
medium
Vulnerable dependency: next@14.1.0 (GHSA-3x4c-7xq6-9pq8)
medium
Vulnerable dependency: next@14.1.0 (GHSA-4342-x723-ch2f)
medium
Vulnerable dependency: next@14.1.0 (GHSA-5j59-xgg2-r9c4)
medium
Vulnerable dependency: next@14.1.0 (GHSA-7gfc-8cq8-jh5f)
medium
Vulnerable dependency: next@14.1.0 (GHSA-7m27-7ghc-44w9)
medium
Vulnerable dependency: next@14.1.0 (GHSA-8h8q-6873-q5fj)
medium
Vulnerable dependency: next@14.1.0 (GHSA-9g9p-9gw9-jx7f)
medium
Vulnerable dependency: next@14.1.0 (GHSA-c4j6-fc7j-m34r)
medium
Vulnerable dependency: next@14.1.0 (GHSA-f82v-jwr5-mffw)
medium
Vulnerable dependency: next@14.1.0 (GHSA-ffhc-5mcf-pf4q)
medium
Vulnerable dependency: next@14.1.0 (GHSA-fr5h-rqp8-mj6g)
medium
Vulnerable dependency: next@14.1.0 (GHSA-g5qg-72qw-gw5v)
medium
Vulnerable dependency: next@14.1.0 (GHSA-g77x-44xx-532m)
medium
Vulnerable dependency: next@14.1.0 (GHSA-ggv3-7p47-pfv8)
medium
Vulnerable dependency: next@14.1.0 (GHSA-gp8f-8m3g-qvj9)
medium
Vulnerable dependency: next@14.1.0 (GHSA-gx5p-jg67-6x7h)
medium
Vulnerable dependency: next@14.1.0 (GHSA-h25m-26qc-wcjf)
medium
Vulnerable dependency: next@14.1.0 (GHSA-h64f-5h5j-jqjh)
medium
Vulnerable dependency: next@14.1.0 (GHSA-mwv6-3258-q52c)
medium
Vulnerable dependency: next@14.1.0 (GHSA-q4gf-8mx6-v5v3)
medium
Vulnerable dependency: next@14.1.0 (GHSA-qpjv-v59x-3qc4)
medium
Vulnerable dependency: next@14.1.0 (GHSA-vfv6-92ff-j949)
medium
Vulnerable dependency: next@14.1.0 (GHSA-xv57-4mr9-wg8v)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-353f-5xf4-qw67)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-356w-63v5-8wf4)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-4r4m-qw57-chr8)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-4w7w-66w2-5vf9)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-64vr-g452-qvp3)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-859w-5945-r5v3)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-8jhw-289h-jh2g)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-93m4-6634-74q7)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-9cwx-2883-4wfx)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-c24v-8rfc-w8vw)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-g4jq-h2w9-997c)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-jqfw-vq24-v9c3)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-vg6x-rcgg-rjx6)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-x574-m823-4x7w)
medium
Vulnerable dependency: vite@4.2.1 (GHSA-xcj6-pq6g-qj4x)
medium
Vulnerable dependency: shelljs@0.8.3 (GHSA-4rq4-32rv-6wp6)
medium
Vulnerable dependency: shelljs@0.8.3 (GHSA-64g7-mvw6-v9qj)
medium
Vulnerable dependency: js-yaml@4.1.0 (GHSA-mh29-5h37-fv8m)
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-38r7-794h-5758)
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-4vvj-4cpr-p986)
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-8fgc-7cc6-rx7x)
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-hc6q-2mpp-qw7j)
medium
Vulnerable dependency: next@16.2.4 (GHSA-26hh-7cqf-hhc6)
medium
Vulnerable dependency: next@16.2.4 (GHSA-492v-c6pp-mqqv)
medium
Vulnerable dependency: next@16.2.4 (GHSA-8h8q-6873-q5fj)
medium
Vulnerable dependency: next@16.2.4 (GHSA-ffhc-5mcf-pf4q)
medium
Vulnerable dependency: next@16.2.4 (GHSA-h64f-5h5j-jqjh)
medium
Vulnerable dependency: next@16.2.4 (GHSA-wfc6-r584-vfw7)
medium
Vulnerable dependency: @angular/common@17.0.5 (GHSA-58c5-g7wp-6w37)
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-g93w-mfhg-p222)
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-jrmj-c5cx-3cw6)
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-v4hv-rgfq-gp49)
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-g93w-mfhg-p222)
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-jrmj-c5cx-3cw6)
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-prjf-86w9-mfqv)
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-45q2-gjvg-7973)
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-68x2-mx4q-78m7)
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-rfh7-fxqc-q52v)
medium
Vulnerable dependency: @angular/ssr@17.0.5 (GHSA-68x2-mx4q-78m7)
medium
Vulnerable dependency: @angular/ssr@17.0.5 (GHSA-x288-3778-4hhx)
medium
Vulnerable dependency: express@4.15.2 (GHSA-qw6h-vgh9-j6wx)
medium
Vulnerable dependency: express@4.15.2 (GHSA-rv95-896h-c2vc)
medium
Vulnerable dependency: next@16.2.4 (GHSA-267c-6grr-h53f)
medium
Vulnerable dependency: next@16.2.4 (GHSA-36qx-fr4f-26g5)
medium
Vulnerable dependency: next@16.2.4 (GHSA-3g8h-86w9-wvmq)
medium
Vulnerable dependency: next@16.2.4 (GHSA-c4j6-fc7j-m34r)
medium
Vulnerable dependency: next@16.2.4 (GHSA-gx5p-jg67-6x7h)
medium
Vulnerable dependency: next@16.2.4 (GHSA-mg66-mrh9-m8jx)
medium
Vulnerable dependency: next@16.2.4 (GHSA-vfv6-92ff-j949)
medium
Vulnerable dependency: firebase@9.9.0 (GHSA-3wf4-68gx-mph8)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-8r9q-7v3j-jr4g)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-w48q-cv73-mx4w)
high
Generic API Key Assignment found in scripts/agent-evals/templates/crashlytics-flutter/lib/firebase_options.dart
high
Generic API Key Assignment found in scripts/agent-evals/src/data/index.ts
high
Hardcoded Password found in src/emulator/auth/state.ts
medium
High-entropy string (5.95 bits/char) in firebase-vscode/src/webview.ts:64
medium
High-entropy string (5.87 bits/char) in scripts/emulator-tests/functionsEmulator.spec.ts:485
medium
High-entropy string (5.86 bits/char) in scripts/emulator-tests/functionsEmulator.spec.ts:533
medium
Buffer.from base64 in src/accountImporter.ts:36
medium
Buffer.from base64 in src/init/features/ailogic/index.ts:134
medium
Buffer.from base64 in src/init/features/hosting/github.ts:657
medium
Buffer.from base64 in src/init/features/hosting/github.ts:681
medium
Hex string literal (>50 chars) in src/deploy/hosting/uploader.spec.ts:112
medium
Hex string literal (>50 chars) in src/deploy/hosting/uploader.spec.ts:113
medium
Buffer.from base64 in src/management/apps.ts:574
medium
Buffer.from base64 in src/mcp/tools/core/get_sdk_config.ts:53
medium
Buffer.from base64 in src/gcp/secretManager.ts:224
medium
Buffer.from base64 in src/emulator/tasksEmulator.ts:272
medium
Buffer.from base64 in src/emulator/auth/state.ts:942
medium
Buffer.from base64 in src/emulator/auth/operations.ts:2991
info
SLSA Build Level 1 detected
high
High-risk OAuth scope: https://www.googleapis.com/auth/cloud-platform
info
Could not connect to MCP server for output poisoning scan
info
Could not connect to MCP server for behavioral verification
info
SBOM generated: 3132 components
info
MITRE ATLAS technique coverage summary
info
ATLAS: Adversarial ML Supply Chain (AML.T0043)
info
ATLAS: Poison Training Data (AML.T0020)